Updated on 2025-07-22 GMT+08:00

Overview

In project permission management of CodeArts Req, there are three types of roles: system roles, custom roles, and project administrator. For details, see Table 1. By default, the project administrator, project manager, and test manager roles can configure permissions. CodeArts Req provides default permissions for these system roles. For details, see Default Permissions. If you need to change the permissions, contact the project members of the three roles (project administrator, project manager, and test manager). For details, see Managing CodeArts Project Permissions.

Table 1 Default roles

Role

Description

Project administrator

The general owner of a project who manages all settings and members of the project, including creating, deleting, and modifying the project, assigning and canceling permissions of other roles.

Project manager

The primary owner of a project who manages requirements, plans, progress, and risks of the project, and coordinates work in the project team.

Product manager

Responsible for product design and planning, including defining product requirements, prototypes, and user stories, communicating and collaborating with developers and testers.

Test manager

Responsible for testing, including managing test plans, test cases, test execution, and bug tracking, guiding and supervising test personnel.

O&M manager

Responsible for project O&M, including project deployment, monitoring, and fault locating and rectification.

System engineer

Responsible for the system architecture and infrastructure of a project, including designing, setting up, and maintaining project resources such as servers, networks, and databases.

Committer

Reviews and merges code committed by developers.

Developer

Writes, commits, merges, and branches code, creates and runs pipeline and build tasks.

Tester

Executes test cases, reports bugs, and verifies fixes.

Participant

Participates in a project and creates work items.

Viewer

Views a project and cannot perform any operations in any services.

CodeArts Req provides RBAC and ABAC.

  • RBAC

    By default, when a user is added to a CodeArts Req project, the user is manually assigned a built-in system role or a custom role in the project. The user can perform operations on the project based on the assigned role.

    For details, see RBAC.

  • ABAC

    If the default work item status flow is used and Role to Edit is left empty, the current owner of the work item has the permission to edit the work item. If editable roles are configured in the work item status flow, the fields that can be edited by the role can be limited to achieve refined permission control.

    For details, see ABAC.

This section describes how to configure permissions based on roles and how to implement refined permission control in a custom workflow for an IPD-system device project.